Article (Scientific journals)
Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems
Lopez Perez, Rocio; Adamsky, Florian; Soua, Ridha et al.
2019, in EAI Endorsed Transactions on Security and Safety
Peer Reviewed verified by ORBi
 

Files


Full Text
Machine_Learning_for_Reliable_Network_Attack_Detection_in_SCADA_Systems.pdf
Author preprint (350.71 kB)

All documents in ORBilu are protected by a user license.

Details



Keywords :
Critical Infrastructures; SCADA; Anomaly detection; machine learning
Abstract :
Since Critical Infrastructures (CIs) use systems and equipment that are separated by long distances, Supervisory Control And Data Acquisition (SCADA) systems are used to monitor their behaviour and to send commands remotely. For a long time, operators of CIs applied the air gap principle, a security strategy that physically isolates the control network from other communication channels. True isolation, however, is difficult nowadays due to the massive spread of connectivity: using open protocols and more connectivity opens new network attacks against CIs. To cope with this dilemma, sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number and variety. However, traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. To this end, we assess in this paper Machine Learning (ML) techniques for anomaly detection in SCADA systems using a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), Random Forest (RF), Bidirectional Long Short Term Memory (BLSTM) are assessed in terms of accuracy, precision, recall and F1 score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF and BLSTM detect intrusions effectively, with an F1 score of respectively >99% and >96%.
Disciplines :
Computer science
Author, co-author :
Lopez Perez, Rocio
Adamsky, Florian ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Soua, Ridha ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Engel, Thomas ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
External co-authors :
no
Language :
English
Title :
Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems
Publication date :
29 January 2019
Journal title :
EAI Endorsed Transactions on Security and Safety
ISSN :
2032-9393
Publisher :
European Alliance for Innovation (EAI)
Peer reviewed :
Peer Reviewed verified by ORBi
Focus Area :
Security, Reliability and Trust
European Projects :
H2020 - 700581 - ATENA - Advanced Tools to assEss and mitigate the criticality of ICT compoNents and their dependencies over Critical InfrAstructures
Funders :
CE - Commission Européenne [BE]
Available on ORBilu :
since 17 August 2019

Statistics


Number of views
175 (10 by Unilu)
Number of downloads
75 (3 by Unilu)
